AVG Threat Report: Are YOU Vulnerable?

The AVG Technologies Q2 2012 Community Powered Threat Report is out, giving us new insights into the tactics of hackers, scammers, and malware distributors. It contains some interesting milestones, trends, and facts you should keep in mind. Here are some of the highlights of the AVG Threat Report...

What's in the Latest AVG Threat Report?

AVG is a computer security software company whose free and paid products are used by millions around the world. The AVG Community Threat Report is based on data collected from users participating in the AVG Community Protection Network over the past quarter. It provides an overview of online threats from the web, mobile devices, and spam.

By way of disclosure, I'll admit that I'm a satisfied user of the free AVG Anti-Virus product. However, I don't actually recommend one security product over another. I do encourage you to read both Free Anti-Virus Programs and Which Anti-Virus Software is Best? to help you choose one that suits your specific needs.

Here are some of the findings in the AVG Threat Report that I think you'll find interesting, or at least cautionary:

Android has become a favorite target of hackers because Google's mobile operating system now has 59 per cent of the smartphone market. AVG reports its first Android bootkit, "DKFbootkit," which masquerades as a legitimate app while replacing the phone's Linux kernel with malicious code. The bogus app asks the user to authorize several privileges using arcane prompts that most users don't understand; they just click "OK" and continue. The result is a "zombie" phone over which the remote villain has complete control.

China has become a leading source and target of malware, with Trojan-laden spam referencing the Tibetan political situation hitting computers and phones throughout China, Japan, Taiwan, South Korea, and the United States. The email attachment contains an executable program that collects sensitive user information, downloads keylogger malware, and updates the Trojan's signature to thwart detection. But you already know you're not supposed to merrily open just any attachment that happens into your inbox, right?

The latest malware uses sex and fear as attack vectors. The LizaMoon mass SQL injection attack uses both to obtain users' cooperation in its installation. You may find yourself on a Web page that urges you to "click here to view celebrity sxx videos." If you click, you'll be urged to click again to "update your Flash player." There is no video or Flash update; clicking just gets you a free infection.

"Beware of Cheap Imitations..."

You've heard it said that imitation is the sincerest form of flattery. Turns out it's also an effective social engineering tool to spread malicious software. Rovio's popular "Angry Birds Space" game is being mimicked by malware authors. The game is fully functional, so victims have no clue that it also carries a Trojan. It uses the GingerBreak exploit to root the phone, enabling the downloading of more malware, enslavement of the phone to a botnet, modification of files, and tampering with URLs.

Similarly, fake antivirus "free scan" sites download and install malware while seeming busy disinfecting your machine. You may even get a follow-up message demanding money to remove the malware that the site installed. See my related article Virus Alert: Fake Anti-Virus and Celebrity Scams for some tips on how to avoid these wolves in sheep's clothing.

Spoofed emails from the FBI inform the reader that he's been caught violating a fictional "Neglectful Use of Personal Computer article 210 of the Criminal Code." Opening an attached file for "more information" installs malware that locks up the user's system. The email demands a $100 payment via untraceable wire transfer to unlock the machine. Of course, that's not how law enforcement works. But a guilty conscience can spur a person to do something stupid.

One other fact in the report that I found intriguing was that almost 11% of all malware is distributed via portable flash drives. Be extra careful of "lost" flash drives lying around, or the freebies that some companies give away like candy at trade shows. See my article Is Your Flash Drive Infected? to learn how to protect against this threat.

AVG's full report (32 pages) discusses these and other new threats. It's primarily of interest to security researchers, but educating yourself about the types of threats that are in common use can help to keep you safe. The bottom line is that eternal vigilance is still required to avoid being victimized by hackers.

Do you have something to say about defending against malware threats? Post your comment or question below...

Most recent comments on "AVG Threat Report: Are YOU Vulnerable?"

Even with AVG Free, IObit and Spybot, I've had a couple of instances of trojan/rootkit/malware infection but many more when they have been stopped by the aforementioned programs.

I had my Hotmail hacked several years ago and used to send out spam, which was a real pain. I'm pretty sure it resulted from my using an internet cafe. And the same thing happened to a friend of mine this year after he'd used one in Australia. So my advice is always use a one-time password when using a public internet cafe.

I guess Android is becoming the Smartphone equivalent of Windows - it's the obvious and most tempting target.

Posted by:
Jimbo
30 Jul 2012

Why are the perpetrators dealt with so gently? They should get VERY long prison terms or worse. The financial costs and time lost as well as the loss of irreplaceable data make this a very serious crime. Why isn't this stuff treated as seriously as bank robbery or extortion or blackmail?

Posted by:
Nan Bush
30 Jul 2012

I don't have an Android phone, but I do have a Nook Tablet with an Android SK card. Does this call for the same protections as for a phone?

Posted by:
exbioman
30 Jul 2012

No one's hacking iPods, iPads, Apple products?

Posted by:
Keith
31 Jul 2012

No comments have been posted .... because all mature users know -- that we all are dealing (a billion times a day) with this computerized system - that was - in the beginning - "out of control" and is now "exponentially" MORE beyond control. I would rather quote - George Orwell ... or Nostradamus ... but am no longer capable .. can see -- but cannot do.

EDITOR'S NOTE: Ummmmmm, huh? :-)

Posted by:
Eddie Mattison
31 Jul 2012

Bob, I am not convinced that AVG is that great, but I am sure open to you convincing me. I used it and when I got "infected" it said something like, "You have a virus. I am ready to attack it." I was NOT happy. Stopped using it. Have been using Avast, but Avast does not seem heavy or strong enough. It does NOT do well for finding or for treating viruses although it has done well for stopping pages from running that were questionable.

I don't know what the big brouhaha is for folks who like AVG, but there must be something GOOD there. You and others who seem to know like it. Do you like it better than Avast? I am open to trying it again. :-)

EDITOR'S NOTE: Honestly, I've tried all of AVG, Avast and Avira. They each seem to work very well for me. I can't really recommend one over the other.

Posted by:
Tim Whalen
02 Aug 2012

Just my 2 cents... I have had issues with AVG Free in the past. After 4 yrs. of usage, I like avast! Internet Security the best. Anything that has tried to encroach my network and system(s) to date has been stopped in its tracks. And, avast! doesn't appear to be heavy on my system resources. If it ain't broke, don't fix it! As with ANY AV prog, the user is STILL responsible for intelligent internet usage. AV's are not a fix for stupidity!

Posted by:
Mike davies
24 Aug 2012

Whichever Anti-Virus you are using (I have AVG Free) you must NEVER have more than one anti-virus program installed. If you have more than one they can see each other as viruses and stop each other from working.

It is OK to have more than one Anti-Spyware. Just make sure they don't schedule to check at the same time, which can make the PC run slow.

Only have one Firewall. If you have more than one they argue about what can or cannot get through because it's extremely difficult to get their permissions synchronised and duplicated.
